<html>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <title>N02233598</title>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <link rel="stylesheet" type="text/css" href="/~N02233598/2011/style.css" />
  </head>

  <body>
    <?php
        include("../inc/nav.php");
        include("../inc/header.php");
    ?>
        <?php include("inc/footer.php"); ?>
</body>

</html>

<?php
include('connect.php');
session_start();

$email=$_POST['email'];
$password=$_POST['password'];
if($email&&$password)
{

$connect=mysql_connect(DB_HOST,DB_USER,DB_PASS) or die("Could not connect");
mysql_select_db("N02233598?db")or die("Couldn't fine db");

$query=mysql_query("SELECT * FROM users WHERE email='$email'");

$numrows=mysql_num_rows($query);
if($numrows!=0)
{
//code to login
	while($row=mysql_fetch_assoc($query))
	{
		$dbemail=$row['email'];
		$dbpassword=$row['password'];
	}
	//check to see if they match
	if($email==$dbemail&&md5($password)==$dbpassword)
	{
	  echo "you're in! <a href='main.php'>Click</a> here to enter the member page.";
	$_SESSION['email']=$dbemail;
	}
	else
	  echo"incorrect password!";
}
else
die("that user doesn't exist!");
}
else
{

die("Please enter a username and password");
}
?>

